Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1073246?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1073246?format=api", "purl": "pkg:deb/debian/xscreensaver@4.21-3", "type": "deb", "namespace": "debian", "name": "xscreensaver", "version": "4.21-3", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "5.45+dfsg1-2", "latest_non_vulnerable_version": "5.45+dfsg1-2", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/9478?format=api", "vulnerability_id": "VCID-6bmg-wd6f-jya8", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-31523", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.13049", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.13146", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.13152", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.13128", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-31523" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31523", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31523" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987149", "reference_id": "987149", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987149" }, { "reference_url": "https://security.archlinux.org/AVG-1857", "reference_id": "AVG-1857", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1857" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1088763?format=api", "purl": "pkg:deb/debian/xscreensaver@5.45%2Bdfsg1-2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xscreensaver@5.45%252Bdfsg1-2" } ], "aliases": [ "CVE-2021-31523" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6bmg-wd6f-jya8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/201992?format=api", "vulnerability_id": "VCID-73me-anhc-8kc1", "summary": "xscreensaver before 5.14 crashes during activation and leaves the screen unlocked when in Blank Only Mode and when DPMS is disabled, which allows local attackers to access resources without authentication.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2187.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2187.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-2187", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27206", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27407", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27428", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.2741", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-2187" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2187", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2187" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=627382", "reference_id": "627382", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=627382" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=703483", "reference_id": "703483", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=703483" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1073251?format=api", "purl": "pkg:deb/debian/xscreensaver@5.15-3%2Bdeb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bmg-wd6f-jya8" }, { "vulnerability": "VCID-84fk-y48y-2yha" }, { "vulnerability": "VCID-fyh7-6m76-4qar" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xscreensaver@5.15-3%252Bdeb7u1" } ], "aliases": [ "CVE-2011-2187" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-73me-anhc-8kc1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/9666?format=api", "vulnerability_id": "VCID-84fk-y48y-2yha", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-34557", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38544", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38718", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.3874", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38729", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-34557" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34557", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34557" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989508", "reference_id": "989508", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989508" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1088763?format=api", "purl": "pkg:deb/debian/xscreensaver@5.45%2Bdfsg1-2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xscreensaver@5.45%252Bdfsg1-2" } ], "aliases": [ "CVE-2021-34557" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-84fk-y48y-2yha" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/185684?format=api", "vulnerability_id": "VCID-aunv-bh82-53er", "summary": "XScreenSaver allows local users to bypass authentication under certain\n configurations.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1859.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1859.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-1859", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25051", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25249", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25268", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25254", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-1859" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1859", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1859" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=237003", "reference_id": "237003", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=237003" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=433964", "reference_id": "433964", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=433964" }, { "reference_url": "https://security.gentoo.org/glsa/200705-14", "reference_id": "GLSA-200705-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200705-14" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0322", "reference_id": "RHSA-2007:0322", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0322" }, { "reference_url": "https://usn.ubuntu.com/474-1/", "reference_id": "USN-474-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/474-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1073248?format=api", "purl": "pkg:deb/debian/xscreensaver@5.05-3%2Blenny1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bmg-wd6f-jya8" }, { "vulnerability": "VCID-73me-anhc-8kc1" }, { "vulnerability": "VCID-84fk-y48y-2yha" }, { "vulnerability": "VCID-fyh7-6m76-4qar" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xscreensaver@5.05-3%252Blenny1" } ], "aliases": [ "CVE-2007-1859" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-aunv-bh82-53er" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/515?format=api", "vulnerability_id": "VCID-fyh7-6m76-4qar", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8025", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.2099", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.21167", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.21187", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8025" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802914", "reference_id": "802914", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802914" }, { "reference_url": "https://usn.ubuntu.com/2789-1/", "reference_id": "USN-2789-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2789-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1073251?format=api", "purl": "pkg:deb/debian/xscreensaver@5.15-3%2Bdeb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bmg-wd6f-jya8" }, { "vulnerability": "VCID-84fk-y48y-2yha" }, { "vulnerability": "VCID-fyh7-6m76-4qar" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xscreensaver@5.15-3%252Bdeb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1074646?format=api", "purl": "pkg:deb/debian/xscreensaver@5.30-1%2Bdeb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bmg-wd6f-jya8" }, { "vulnerability": "VCID-84fk-y48y-2yha" }, { "vulnerability": "VCID-fyh7-6m76-4qar" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xscreensaver@5.30-1%252Bdeb8u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088761?format=api", "purl": "pkg:deb/debian/xscreensaver@5.36-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bmg-wd6f-jya8" }, { "vulnerability": "VCID-84fk-y48y-2yha" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xscreensaver@5.36-1" } ], "aliases": [ "CVE-2015-8025" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fyh7-6m76-4qar" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/200840?format=api", "vulnerability_id": "VCID-vpb5-by3g-ykay", "summary": "xscreensaver 5.03 and earlier, when running without xscreensaver-gl-extras (GL extras) installed, crashes when /usr/bin/xscreensaver-gl-helper does not exist and a user attempts to unlock the screen, which allows attackers with physical access to gain access to the locked session.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-5585", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00424", "scoring_system": "epss", "scoring_elements": "0.62626", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00424", "scoring_system": "epss", "scoring_elements": "0.62728", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00424", "scoring_system": "epss", "scoring_elements": "0.6274", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00424", "scoring_system": "epss", "scoring_elements": "0.62735", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-5585" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5585", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5585" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=448157", "reference_id": "448157", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=448157" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1073248?format=api", "purl": "pkg:deb/debian/xscreensaver@5.05-3%2Blenny1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bmg-wd6f-jya8" }, { "vulnerability": "VCID-73me-anhc-8kc1" }, { "vulnerability": "VCID-84fk-y48y-2yha" }, { "vulnerability": "VCID-fyh7-6m76-4qar" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xscreensaver@5.05-3%252Blenny1" } ], "aliases": [ "CVE-2007-5585" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vpb5-by3g-ykay" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/199640?format=api", "vulnerability_id": "VCID-243q-jeqz-dfes", "summary": "Xscreensaver before 4.15 creates temporary files insecurely in (1) driver/passwd-kerberos.c, (2) driver/xscreensaver-getimage-video, (3) driver/xscreensaver.kss.in, and the (4) vidwhacker and (5) webcollage screensavers, which allows local users to overwrite arbitrary files via a symlink attack.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-1294.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-1294.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2003-1294", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.27137", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.2734", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.2736", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.27342", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2003-1294" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1294", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1294" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617125", "reference_id": "1617125", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0498", "reference_id": "RHSA-2006:0498", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0498" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1073246?format=api", "purl": "pkg:deb/debian/xscreensaver@4.21-3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bmg-wd6f-jya8" }, { "vulnerability": "VCID-73me-anhc-8kc1" }, { "vulnerability": "VCID-84fk-y48y-2yha" }, { "vulnerability": "VCID-aunv-bh82-53er" }, { "vulnerability": "VCID-fyh7-6m76-4qar" }, { "vulnerability": "VCID-vpb5-by3g-ykay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xscreensaver@4.21-3" } ], "aliases": [ "CVE-2003-1294" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-243q-jeqz-dfes" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/199917?format=api", "vulnerability_id": "VCID-7s4y-2y7b-vyaf", "summary": "rdesktop 1.3.1 with xscreensaver 4.14, and possibly other versions, when running on Fedora and possibly other platforms, does not release the keyboard focus when xscreensaver starts, which causes the password to be entered into the active window when the user unlocks the screen.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-2655.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-2655.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2004-2655", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01401", "scoring_system": "epss", "scoring_elements": "0.80845", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01401", "scoring_system": "epss", "scoring_elements": "0.80905", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01401", "scoring_system": "epss", "scoring_elements": "0.80915", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01401", "scoring_system": "epss", "scoring_elements": "0.80906", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2004-2655" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2655", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2655" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617427", "reference_id": "1617427", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0498", "reference_id": "RHSA-2006:0498", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0498" }, { "reference_url": "https://usn.ubuntu.com/269-1/", "reference_id": "USN-269-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/269-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1073246?format=api", "purl": "pkg:deb/debian/xscreensaver@4.21-3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bmg-wd6f-jya8" }, { "vulnerability": "VCID-73me-anhc-8kc1" }, { "vulnerability": "VCID-84fk-y48y-2yha" }, { "vulnerability": "VCID-aunv-bh82-53er" }, { "vulnerability": "VCID-fyh7-6m76-4qar" }, { "vulnerability": "VCID-vpb5-by3g-ykay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xscreensaver@4.21-3" } ], "aliases": [ "CVE-2004-2655" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7s4y-2y7b-vyaf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/199622?format=api", "vulnerability_id": "VCID-82j9-5qv3-2bam", "summary": "Xscreensaver 4.14 contains certain debugging code that should have been omitted, which causes Xscreensaver to create temporary files insecurely in the (1) apple2, (2) xanalogtv, and (3) pong screensavers, and allows local users to overwrite arbitrary files via a symlink attack.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0885.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0885.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2003-0885", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58654", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58766", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.5878", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58769", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2003-0885" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0885", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0885" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1073246?format=api", "purl": "pkg:deb/debian/xscreensaver@4.21-3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bmg-wd6f-jya8" }, { "vulnerability": "VCID-73me-anhc-8kc1" }, { "vulnerability": "VCID-84fk-y48y-2yha" }, { "vulnerability": "VCID-aunv-bh82-53er" }, { "vulnerability": "VCID-fyh7-6m76-4qar" }, { "vulnerability": "VCID-vpb5-by3g-ykay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xscreensaver@4.21-3" } ], "aliases": [ "CVE-2003-0885" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-82j9-5qv3-2bam" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/199641?format=api", "vulnerability_id": "VCID-vbyr-cssk-fqcz", "summary": "Unspecified vulnerability in xscreensaver 4.12, and possibly other versions, allows attackers to cause xscreensaver to crash via unspecified vectors \"while verifying the user-password.\"", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2003-1295", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20452", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20629", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.2065", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2003-1295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1295" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1073246?format=api", "purl": "pkg:deb/debian/xscreensaver@4.21-3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bmg-wd6f-jya8" }, { "vulnerability": "VCID-73me-anhc-8kc1" }, { "vulnerability": "VCID-84fk-y48y-2yha" }, { "vulnerability": "VCID-aunv-bh82-53er" }, { "vulnerability": "VCID-fyh7-6m76-4qar" }, { "vulnerability": "VCID-vpb5-by3g-ykay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xscreensaver@4.21-3" } ], "aliases": [ "CVE-2003-1295" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vbyr-cssk-fqcz" } ], "risk_score": "3.1", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xscreensaver@4.21-3" }